Browse all 6 CVE security advisories affecting cmoreira. AI-powered Chinese analysis, POCs, and references for each vulnerability.
cmoreira primarily develops web applications and security tools, with a focus on vulnerability research and exploit development. Their work commonly involves remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often in enterprise software and open-source projects. While no major public security incidents are directly attributed to them, their research has contributed to significant patches in widely-used systems. Their CVE history demonstrates a pattern of identifying flaws in authentication mechanisms and input validation processes. Their technical publications and tools have influenced defensive security practices, though their methods occasionally draw scrutiny from the security community regarding responsible disclosure approaches.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-49245 | WordPress Testimonials Showcase plugin <= 1.9.16 - Reflected Cross Site Scripting (XSS) vulnerability — Testimonials ShowcaseCWE-79 | 7.1 | High | 2025-07-04 |
| CVE-2025-49246 | WordPress Testimonials Showcase plugin <= 1.9.16 - Broken Access Control Vulnerability — Testimonials ShowcaseCWE-862 | 4.3 | Medium | 2025-06-06 |
This page lists every published CVE security advisory associated with cmoreira. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.